Appendix C: Firewall Rules

| Source Component | Source Port | Source IP | Destination Service | Destination Port | Protocol | Type | Description |
|---|---|---|---|---|---|---|---|
| Big IP LTM/GTM IP | Any | Big IP LTM/GTM IPs | avx_platform_logs (logstash) | 5514 (default port) | UDP | Inbound | Syslog reception from syslog server |
| Web load balancer (VIP) | Any | Load balancer of web VIP | AppViewX Web nodes | 5004 | TCP | Inbound | AppViewX web port |
| Logstash (avx_platform_logs) | 5512 | Logstash IP | Kafka node | Any | UDP | Outbound | AppViewX syslog receiver |
| SCEP supported network devices | Any | Network Device IP | AppViewX SCEP Plugin | 5250 | TCP | Inbound | AppViewX SCEP port |

Open the following ports to access the web application:

| Component | Port | Protocol | Type |
|---|---|---|---|
| Web | 5004, 5550, 5555 and 5556 | TCP | Inbound |

The following rules are for internal communication between AppViewX components:

| Component | Port | Protocol | Type |
|---|---|---|---|
| MongoDB | 5000 | TCP | Inbound |
| avx_platform_consul | 5901, 5902, 5903, 5904, 5905, 5910, 5911, 5912, 5913, 5914 and 5915 | TCP | Inbound |
| avx_platform_vault | 5920 and 5921 | TCP | Inbound |
| plugins | 5001, 5002, 5008, 5100, 5200, 5207 and 5250 | TCP | Inbound |
| avx_platform_gateway | 5300 | TCP | Inbound |

The following rules are for syslog communication between AppViewX components:

| Component | Port | Protocol | Type |
|---|---|---|---|
| Logstash | 5512 and 5514 | TCP | Inbound |
| avx_platform_syslog | 5005 | TCP | Inbound |
| avx_platform_syslog_receiver | 5006 | TCP | Inbound |

The following rules are for insight operation between AppViewX components:

| Component | Port | Protocol | Type |
|---|---|---|---|
| Elasticsearch | 5500 and 5550 | TCP | Inbound |
| avx_insight_subsystem_adc | 5114 | TCP | Inbound |
| avx_insight_statistics_bot | 5247 | TCP | Inbound |

Note: Make sure the outbound ports are not open.